Good afternoon everyone,
I was wondering if anyone has found a way to do this, as I don't see a way to get it working.
Scenario: We have a set of servers in a subnet that share a domain with many servers. All these servers follow a naming convention that sets them apart. Our users really only know to access these by their DNS name. We want to give users the ability to access this group of servers, but not to every server in the domain address space.
Example: 100+ servers in our development space might have the name 'Dev-"name"-01.domain.com' and reside in the subnet 192.168.1.0/24. But the entire .domain.com might have 1000 servers in it, and span many subnets. Users should not have access to this whole space.
The easiest way to do it would be if we could allow something in a policy like "Dev.domain.com" … but it doesn't seem like we can do that. We do NOT want to allow *.domain.com.
Any suggestions? Thanks!